After a quiet summer, a new Chrome zero-day vulnerability has been discovered.

The details on how this new zero-day operates and even how severe the issue is are murky, but the solution as usual is the same: PATCH NOW.

This issue impacts all Chrome versions under 76.0.3809.132 and is tracked under CVE-2019-5869. While Google has yet to publish details on the vulnerability or its severity, the researchers who discovered it consider it critical. Any user that visits an infected website could have arbitrary code run in their browser, stealing data or preventing operations.
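As an added illustration (not code from Automox or Google), the POSIX shell sketch below triages an endpoint inventory against the fixed release named above. The `hostname,version string` inventory format, the host names and the function names are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not vendor code): flag Chrome builds older than the fixed release.
FIXED_VERSION="76.0.3809.132"   # threshold stated in the article

# Constructed sample inventory: "hostname,version string" per line.
SAMPLE_INVENTORY='ws-001,Google Chrome 76.0.3809.132
ws-002,Google Chrome 76.0.3809.100
ws-003,Google Chrome 75.0.3770.142
ws-004,Google Chrome 77.0.3865.75
ws-005,not installed
ws-006,Google Chrome 76.0.3809.99'

# Print the first four-part dotted version found in a string such as the output
# of `google-chrome --version`; print nothing if there is none.
extract_version() {
    printf '%s\n' "$1" |
        sed -n 's/^[^0-9]*\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*$/\1/p'
}

# Return 0 if version $1 is strictly lower than version $2. Components are
# compared as integers, so 3809.99 sorts below 3809.132 (a string compare would not).
version_lt() {
    old_ifs=$IFS
    IFS=.
    set -- $1 $2          # split both versions into $1..$4 and $5..$8
    IFS=$old_ifs
    if [ "$1" -ne "$5" ]; then if [ "$1" -lt "$5" ]; then return 0; fi; return 1; fi
    if [ "$2" -ne "$6" ]; then if [ "$2" -lt "$6" ]; then return 0; fi; return 1; fi
    if [ "$3" -ne "$7" ]; then if [ "$3" -lt "$7" ]; then return 0; fi; return 1; fi
    if [ "$4" -ne "$8" ]; then if [ "$4" -lt "$8" ]; then return 0; fi; return 1; fi
    return 1              # equal versions are not "lower"
}

# Print "vulnerable", "patched" or "unknown" for one raw version string.
classify_chrome() {
    v=$(extract_version "$1")
    if [ -z "$v" ]; then
        echo unknown      # unparsable: treat as needing manual follow-up
    elif version_lt "$v" "$FIXED_VERSION"; then
        echo vulnerable
    else
        echo patched
    fi
}

# Read inventory lines on stdin and print every host that is not confirmed patched.
triage_inventory() {
    while IFS=, read -r host raw; do
        [ -n "$host" ] || continue
        status=$(classify_chrome "$raw")
        [ "$status" = patched ] || printf '%s %s\n' "$host" "$status"
    done
}

printf '%s\n' "$SAMPLE_INVENTORY" | triage_inventory
```

Hosts whose version cannot be parsed are reported as `unknown` rather than silently counted as patched.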

When discussing your organization’s cyber hygiene, establishing good habits like applying operating system and software patches in a timely manner, staying on top of the deployment of third-party software and understanding the management and configuration of devices that are under your control is crucial to improving your organization’s ability to maintain and secure its information technology infrastructure. Making these habits routine across the organization will help ensure not only that your computers and software are running at peak efficiency but that user identities and other details that could be stolen or corrupted remain protected.

A fully patched and correctly configured infrastructure is the cornerstone of strong corporate security. But when it specifically comes to cyber hygiene, the majority (74%) of organizations believe that they can’t patch fast enough because they don’t have enough staff. Consequently, many (64%) are planning to hire dedicated resources for patch management in the next year. But disturbingly, more than half (57%) of companies still use spreadsheets and emails to track and assign patching tasks, so it’s no wonder that it’s taking 102 days on average to patch critical vulnerabilities.

Enterprises need to include multiple elements in a regular, ongoing cyber hygiene program to eliminate exposed vulnerabilities that can lead to lost or misplaced data or other dangerous consequences stemming from a security breach. But when selecting a cyber hygiene platform, one of the most critical factors will be whether you choose to deploy it on-premise or in the cloud.

Traditional On-Premises Solutions

While cyber hygiene is foundational in that it will eliminate the majority of an organization’s risk and should require the least amount of effort compared to other controls, the reality is that traditional solutions can be incredibly difficult to implement, maintain and use. Worse yet, traditional on-premises solutions are not architected in a way that supports the transformation of the modern workspace, specifically remote endpoints and virtual instances. They are overly complex and/or only partially address a full complement of mixed operating system and security hygiene fundamentals.

Today, IT departments and security teams are generally overwhelmed with too many separate tools and too much on their plates. There are simply too many “one-off” tools with manually-driven workflows and too much legacy technology that is painful to deploy and maintain with costly on-premises infrastructure.

When it comes to these disparate on-premises solutions, there’s a significant amount of cost and complexity involved, too. Organizations not only need to purchase, build, install and maintain their own servers, they also have to act as their own content delivery network (CDN), pulling patches down from vendors and putting them in a repository. Every time a vendor updates their product, there’s something new for an organization to download and install. From there, organizations have to deploy agents, which can be big and clunky, and they have to do so multiple times if they have infrastructure in different geographic locations or contrasting types of endpoints. Adding to the complexity that is constantly maintaining and updating your infrastructure, organizations actually have to patch their on-premises patch management servers.

Additionally, traditional IT management platforms do not generally provide a cohesive cross-platform functionality. Consequently, organizations might be buying, building, installing and maintaining physical infrastructure across all three operating systems — Windows, Mac and Linux. And all of this has massive implications on the amount of labor you’re investing in, your capital expense and the maintenance friction of on-premises approaches.

Underscoring the complexity, the myriad of disparate one-off tools forces organizations to hire cybersecurity professionals that require a certain level of expertise just to babysit one of the tools, optimizing, updating and ensuring that it is running well. But why are organizations paying these high-dollar, potentially impactful employees to spend all of their time just maintaining the tool instead of actually maintaining the environment?

Traditional on-premises solutions have an unnecessarily high total cost of ownership, and attempting to throw more humans or money at the problem without solving for the underlying inefficiencies and complexity of toolsets only makes it worse. As a result, the most impactful precautions a company should be taking are often not very well implemented.

Modern Cloud-Native Approach: In the Cloud

With a cloud-based cyber hygiene solution like Automox, there is zero infrastructure maintenance. There’s no server to procure and deploy, no patch repository or distribution point that you have to build or duplicate if you have geographically separated locations. There’s nothing to download and install on a regular basis, no server provisioning, no ongoing maintenance. Simply install a micro-agent on your endpoints, and you’re good to go because everything is handled in the cloud.

Even better, Automox works seamlessly across Windows, MacOS and Linux operating systems — all managed from a single user interface. After adding your devices, you can create policies to automate cyber hygiene. Automox inventories all hardware, software, patches and configuration details to remediate patch vulnerabilities, deploy required software, and fix misconfigured systems without the need for multiple tools.

Why Automox?

Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. However, becoming a smaller target is not a point-in-time exercise — it’s a continuous process because the attack surface is always expanding and your business is always transforming.

Traditional IT ops tools have not brought the necessary level of automation, extensibility and agility required to mitigate risk fast enough with the resources at hand. As a result, IT departments are finding themselves bogged down in manual process and infrastructure maintenance while falling short of security compliance goals.

For an organization to become a smaller target, it needs an automated cyber hygiene platform, such as Automox, that delivers the following:

A cloud-native, cross-platform solution — with no complicated management infrastructure to maintain and broad cross-platform support for Windows, Mac and Linux from a single console. Being cloud native results in continuous connectivity with both local, cloud hosted and remote endpoint fleets without the need to deploy on-premise infrastructure, run virtual instances or tunnel back into the corporate network.

Built-in cyber hygiene fundamentals — including OS, software and third-party patching, system inventory and software deployment, as well as secure configurations. Admins must be able to deploy these elements with ease and fully automate actions by adding work tasks to policy baselines that are continuously enforced. Not only does this cyber hygiene automation immediately reduce up to 80% of vulnerability exposure with little effort, it also keeps configuration drift from ever occurring in the future.

Extensible automation worklets — allow IT ops to create any custom task they can imagine and avoid being confined by vendor roadmap “lock-in.” Worklets can be created for all supported operating systems (including Windows, Linux and Mac) and are powered by PowerShell and Bash scripting. Whatever you can imagine, Automox can apply to policy and automate.

Straightforward compliance reporting — provides the ability to demonstrate risk and compliance to a variety of executive and technical audiences. Being a smaller target is great, but you need easy and compelling ways to show the business and external auditors that your best-in-class practice is achieving (and exceeding) expected outcomes.

Our cross-platform, lightweight agent combined with our cloud-based platform delivers full visibility and control over your entire infrastructure in minutes. With Automox, you know exactly where you stand, instantly seeing which endpoints are misconfigured, missing critical patches or out of compliance. From there, you can better protect your infrastructure by leveraging the scale of automation. No more spreadsheets or manual updates, Automox ensures your entire infrastructure is patched, has the right software and is configured correctly regardless of OS, software or geographic location.

If you have any additional questions about how much better our cloud-native, cross-platform approach to cyber hygiene is compared with traditional on-premises solutions, please visit https://www.automox.com.

About Automox

Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes the aperture of attack by more than 80% with just half the effort of traditional solutions.

Cloud-based and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.

Unpatched endpoints can pose a significant security threat for any system, especially given the grim statistics on patch deployment across endpoints.

Survey data shows that 80 percent of CISOs and CIOs were shocked to discover that patches they thought were successfully deployed to all endpoints failed to update endpoints across their entire network. Unpatched endpoints that go undetected can be especially treacherous: If you think you've patched for something, you might assume the threat of attack on that vulnerability is gone – leaving the doors to exploitation wide open for malicious actors.

Automated patch management can increase endpoint visibility and help you ensure that patches are deployed across all devices on your network successfully. Failure to patch drives up to 60 percent of all data breaches. As attackers grow more sophisticated, automation represents an increasingly valuable tool for defense.

Unpatched Endpoints Are a Major Vulnerability

Taking a look at the 2017 WannaCry outbreak shows that unpatched endpoints are a major threat for organizations of all sizes. With losses to the tune of $4 billion, you'd think patching would be a top priority – yet reports show that even in 2019, the EternalBlue exploit responsible for WannaCry and NotPetya is still being used to spread malware across unpatched devices and systems.

According to an article written for SC Magazine, patching difficulties are responsible for a majority of all successful breaches. This article explains that many organizations are relying on legacy infrastructure to address their endpoint management, which can make the process of seeking out unpatched or noncompliant endpoints difficult and time-consuming. With inefficient and incomplete legacy architecture, it can take security professionals up to 90 days to achieve even just 80 percent completeness with patch deployment. This means your endpoints are vulnerable for far too long, especially in the case of zero-days or publicly disclosed vulnerabilities.

Patching shouldn't be viewed as an inconvenience; it is an essential part of good cyber hygiene and is key to minimizing your attack surface. But for many IT professionals, patch fatigue is a reality. Patching can be complex and time-consuming – especially across endpoints.

Unpatched endpoints are routinely named as one of the top dangers in endpoint security. This is largely thanks to a combination of poor visibility and outdated, manual patching processes that reduce efficiency.

Solving the Patching Problem

As InfoSec Institute explains, failure to take patch management seriously can put your endpoint security in jeopardy. Automated patch management is a valuable tool for your security arsenal for a variety of reasons. Not only does it help streamline the process of deploying patches across your network, automated tools – like Automox – increase endpoint visibility as well, making it easier for industry professionals to properly manage their network.

With automated patch management, security teams can deploy updates more efficiently and in less time. Long intervals between the time a vulnerability is discovered and the time it takes to patch for it are what bad actors are relying on when they go in for an attack. And as Palo Alto Networks contends, attackers use automated tools for exploitation – it makes perfect sense for organizations to use automated tools for security, too. There are many automated prevention tools available today, and automated patch management can offer security professionals a powerful solution to a growing problem.

Automox has a completely refreshed Software page beta now available for all users on the Manage plan! This refresh brings better performance, more clear information on the zero-days and critical issues facing your organization, and realtime “Patch Now” capabilities. The new Software page also helps you better respond to the threats facing the devices you manage.

Happy Friday you Spicey peppers. It's been a busy few weeks over here at Automox, and I am excited to let you all know about our first Spicehead exclusive hookup for all of you.

The Automox trial is typically 15 days. Is that enough to see how amazing it is at automating your patch capability? Yes. But I wanted to give you all more just for being my friends.

Starting immediately, all Spiceheads no matter the spice level get 30 days of the full feature, full capability, unlimited endpoint trial to dive in deep and get a feel for how we are helping to make you a smaller target to adversaries.

And to make sure this is tailored for all of you, you will only receive one e-mail from me during that trial. That's it. No sales call in the middle of the night — just a simple welcome e-mail.

What is Kubernetes?

Kubernetes can be thought of as a container manager and systems API. It was used internally by Google for over 15 years before being open-sourced to the public in 2014. I find the easiest way to think about Kubernetes is to think of it as docker on steroids.

How Does Automox Use Kubernetes?

Automox has recently switched to using Kubernetes in our core infrastructure because it fits perfectly into the natural progression of increasing demands. Originally, Automox used docker containers on their own in combination with AWS metrics for insight, and bash scripts for management. By using Kubernetes, we have more control, reliability, redundancy, and insight into our product.

Kubernetes Basics

Kubernetes Clusters

In Kubernetes, the highest level of abstraction is the cluster level. A cluster can be thought of as a context or environment and allows a single developer to manage different environments or projects from one machine or account. For example, a developer may be working on one project but have a local cluster for what they are currently working on, a dev cluster for the company’s project that has yet to be released, and a production cluster for seeing and diagnosing issues if/when they arise in production. The benefit of Kubernetes in this scenario is that the developer has full insight into all levels of the product without having to log into a remote VM and run commands from there.

Kubernetes Namespaces

The next level below a cluster is a namespace. A namespace is intended to group like things (pods/services/deployments) together, even if they don’t necessarily rely on each other. For example, a developer might choose to put all monitoring-related things into the namespace called “monitoring”. Included in this might be pods for prometheus, grafana, etc. These are all very different things and not necessarily related, but are still an important part of monitoring.

Kubernetes Pods

Pods are where things start to get interesting. A pod contains groups of containers (explained below under ‘Kubernetes Containers’). Usually, a pod is considered to be a “primary” container plus, if needed, additional containers referred to as sidecars or helpers. For example, you may have your “example-app” running in a container in the pod, and you might also have a second pod that holds a MySQL database. Let’s say you want to store temporary data in the “example-app” pod, but don’t want it to take up space on your database pod. Here, you could choose to have a second container on the “example-app” pod running its own MySQL database in it that can only be accessed by the “example-app” in that pod.

Kubernetes Containers

If you know how to use docker containers, then you already know how they work in Kubernetes. Although Kubernetes supports other container runtimes, docker is most widely used.

The Series A investment was led by new investor TechOperators with participation from CRV, BlueNote Ventures and Tom Noonan, along with previous insiders.

In addition to personally participating in the financing, Noonan also joins the Automox board of directors. A cybersecurity veteran with more than 20 years of experience in the field, Noonan is currently a general partner at TechOperators and formerly the founder and CEO of Internet Security Systems (acquired by IBM), JouleX (acquired by Cisco) and Endgame.

“At the heart of every corporate cyber practice are two basic questions: are all of my systems and software patched and up to date, and are those systems configured and maintained correctly?” said Jay Prassl, Automox founder and CEO. “Unpatched and misconfigured systems are massive problems that represent 80 percent of the corporate attack surface. That is an astounding statistic. Imagine eliminating all those issues for corporations and organizations of every size. That is exactly what we are doing at Automox through our automated cloud platform.”

Enterprise IT environments are increasingly complex. Today’s IT administrators must manage a growing pool of devices and new cybersecurity threats across a broad geography with limited resources. In addition, the fatigue caused by years of purchasing one-off solutions has made keeping critical infrastructure patched and configured at scale almost impossible.

Over the last 10 years the focus of the security industry has largely been on new and novel ways to scan, detect and report on threats, while little energy has been spent revolutionizing the tools to actually fix infrastructure vulnerabilities. Automox fills that void in the security market by empowering IT administrators with a suite of tools that automates the fundamental tasks that keep their organizations more secure than ever before.

“While cloud-based technology has revolutionized the enterprise security landscape, most enterprises large and small still rely on legacy, on-premise systems to keep their diverse systems up to date,” said Noonan. “Automox has modernized this cornerstone of enterprise security with a fully cloud-based offering to deploy and validate patches and security controls across their Windows, Mac and Linux infrastructure within one platform.”

Traditional approaches to cyber-hygiene require many siloed products with each running on its own server that sits behind the corporate firewall. Organizations with multiple sites need multiple servers and software instances, each of which must be patched, updated and maintained. When systems move outside the protective firewall they become out of reach for traditional server-based security tools.

“Unpatched systems can have a material impact on a company and its profits,” said Devdutt Yellurkar, general partner at CRV. “We’re impressed by what Jay and the team at Automox have developed. They are tackling the fundamentals of security hygiene with a cloud-based approach that takes a huge weight off the IT staff, raises their security confidence and enables them to focus on the most critical threats to their infrastructure.”

TechOperators, CRV and Noonan join previous Automox investors including Ron Gula, founder and former CEO of Tenable Network Security; Art Coviello, former executive chairman of RSA; Tim Belcher, former CTO of RSA; Mike Viscuso, co-founder of Carbon Black; and Roger Thornton, CTO of AlienVault. Automox will be leveraging the new capital to accelerate the growth of engineering, sales and marketing. For more information see https://www.automox.com.
